diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index 6559906..be3d5ed 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -8,7 +8,11 @@ # GET /resource def new - oauth = session["devise.#{scheme.name.downcase}_data"] + oauth = {provider: nil, uid: nil} + IdentifierScheme.all.each do |scheme| + oauth = session["devise.#{scheme.name.downcase}_data"] + end + @user = User.new unless oauth.nil? @@ -61,13 +65,15 @@ end - def update - if user_signed_in? then - @user = User.find(current_user.id) - - do_update + def update + if user_signed_in? then + @user = User.find(current_user.id) + @languages = Language.order("name") + @identifier_schemes = IdentifierScheme.where(active: true).order(:name) + + do_update else - render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false) + render(:file => File.join(Rails.root, 'public/403.html'), :status => 403, :layout => false) end end @@ -116,7 +122,8 @@ end set_flash_message :notice, :updated # Sign in the user bypassing validation in case his password changed - sign_in @user, :bypass => true + sign_in @user, bypass_sign_in: true + #sign_in @user, :bypass => true #if params[:unlink_flag] == 'true' then redirect_to({:controller => "registrations", :action => "edit"}, {:notice => I18n.t('helpers.project.details_update_success')}) diff --git a/app/models/user.rb b/app/models/user.rb index c2986d0..4307843 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -51,7 +51,7 @@ :firstname, :last_login,:login_count, :orcid_id, :password, :shibboleth_id, :user_status_id, :surname, :user_type_id, :organisation_id, :skip_invitation, :other_organisation, :accept_terms, :role_ids, :dmponline3, :api_token, - :organisation, :language + :organisation, :language, :language_id validates :email, email: true, allow_nil: true, uniqueness: true 
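Review bot: The loop added in `new` reassigns `oauth` on every pass, so only the last `IdentifierScheme`'s session entry survives: data stored under an earlier scheme is replaced by `nil` when the last scheme has none. The `{provider: nil, uid: nil}` default is kept only when there are no schemes at all, and in that case the `unless oauth.nil?` branch runs with empty values. Keeping the first entry that is present avoids both, e.g. `oauth = IdentifierScheme.all.map { |s| session["devise.#{s.name.downcase}_data"] }.compact.first`. The body of `new` continues past the hunk, so how `oauth` is consumed there is not visible.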
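Review bot: `sign_in @user, bypass_sign_in: true` does not bypass anything, because `bypass_sign_in` is a separate Devise helper and not an option that `sign_in` recognises. In Devise 4.x `sign_in` returns early when the same user is already signed in, so after a password change the stored session is presumably left stale and the user is logged out on the next request, which is what the comment above this line says it is meant to prevent. Use `bypass_sign_in(@user)` and delete the commented-out `#sign_in @user, :bypass => true` instead of keeping it. The enclosing method starts before the hunk.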
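Review bot: Adding `:language_id` widens an `attr_accessible` list that, in the visible context lines, already whitelists `:role_ids`, `:api_token`, `:user_type_id` and `:user_status_id` for mass assignment. The profile update exercised by this commit's tests sends a raw `user: {...}` hash, and whether `do_update` filters it is not visible here; if it does not, those attributes are presumably writable through the profile form. Consider a comment on the list stating which attributes are meant to be user-editable, and a test asserting that a profile update carrying `role_ids` leaves the user's roles unchanged. The list starts before the hunk.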
diff --git a/app/views/shared/_register_form.html.erb b/app/views/shared/_register_form.html.erb index fd9150e..a283e3e 100644 --- a/app/views/shared/_register_form.html.erb +++ b/app/views/shared/_register_form.html.erb @@ -22,7 +22,7 @@ <% end %> <% if resource.user_identifiers.count > 0 %> <% scheme = resource.user_identifiers.identifier_scheme.name %> - <%= f.hidden_field "user_identifiers[#{scheme}]" value: resource.user_identifiers.first.identifier%> + <%= f.hidden_field "user_identifiers[#{scheme}]", value: resource.user_identifiers.first.identifier%> <% end %>
  • <%= collection_select(:user, :organisation_id, Organisation.where("parent_id IS NULL").order("sort_name ASC, name ASC"), :id, :name, {include_blank: constant("organisation_types.organisation")}, { :class => 'typeahead org_sign_up' }) %> diff --git a/test/functional/registrations_controller_test.rb b/test/functional/registrations_controller_test.rb index e69de29..d610c83 100644 --- a/test/functional/registrations_controller_test.rb +++ b/test/functional/registrations_controller_test.rb 
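Review bot: The context line `scheme = resource.user_identifiers.identifier_scheme.name` calls `identifier_scheme` on the collection, while the corrected line below it reads `resource.user_identifiers.first.identifier`. On a has_many association that presumably raises NoMethodError as soon as a user has an identifier, so the comma fix alone does not make this branch render. It should probably read `resource.user_identifiers.first.identifier_scheme.name`. The hidden field also round-trips the identifier through the browser, so the controller should take the value from the server-side OAuth session data and not trust the posted `user_identifiers[...]` parameter; that handling is outside this hunk.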
@@ -0,0 +1,119 @@
+require 'test_helper'
+
+class RegistrationsControllerTest < ActionDispatch::IntegrationTest
+ include Devise::Test::IntegrationHelpers
+
+ setup do
+ @user = users(:cc_super)
+ end
+
+ # -------------------------------------------------------------
+ test "sign up form loads" do
+ get new_user_registration_path
+
+ assert_response :success
+ assert_not '#new_user'.nil?
+ end
+
+ # -------------------------------------------------------------
+ test "user receives proper error messaging if they have not accepted terms" do
+ post user_registration_path, {user: {accept_terms: false}}
+
+ assert_response :redirect
+ follow_redirect!
+
+ assert_response :success
+ assert_equal I18n.t('helpers.you_must_accept'), flash[:alert]
+ end
+
+ # -------------------------------------------------------------
+ test "user receives proper error messaging if they have not provided a valid email and/or password" do
+ [ {},
+ {email: 'foo.bar@test.org'}, # No Password or Confirmation
+ {password: 'test12345'}, # No Confirmation
+ {password_confirmation: 'test12345'}, # No Password
+ {password: 'test12345', password_confirmation: 'test12345'}, # No Email
+ {email: 'foo.bar@test.org', password: 'test', password_confirmation: 'test'}, # Password is too short
+ {email: 'foo.bar@test.org', password: 'test12345', password_confirmation: 'test123'}, # Passwords do not match
+ {email: 'foo.bar$test.org', password: 'test12345', password_confirmation: 'test12345'} # invalid email
+ ].each do |params|
+ post user_registration_path, {user: {accept_terms: 1}.merge(params)}
+
+ assert_response :redirect
+ follow_redirect!
+
+ assert_response :success
+ assert_equal I18n.t('helpers.error_registration_check'), flash[:alert]
+ end
+ end
+
+ # -------------------------------------------------------------
+ test "user is able to register and is auto-logged in and brought to profile page" do
+ form = {accept_terms: 1,
+ email: 'foo.bar@test.org',
+ password: 'Test12345',
+ password_confirmation: 'Test12345'}
+
+ cntr = 1
+ # Test the bare minimum requirements and then all options
+ [form, form.merge({email: "foo.bar#{cntr}@test.org",
+ organisation_id: Organisation.first.id})].each do |params|
+ post user_registration_path, {user: params}
+
+ assert_response :redirect
+ assert_redirected_to "#{root_url}?locale=#{I18n.locale}"
+
+ follow_redirect!
+ assert_response :success
+ assert_equal I18n.t('devise.registrations.signed_up_but_unconfirmed'), flash[:notice]
+ assert_select '.welcome-message h2', I18n.t('welcome_title')
+
+ cntr += 1
+ end
+ end
+
+ # -------------------------------------------------------------
+ test "edit profile page loads when logged in" do
+ sign_in @user
+
+ get edit_user_registration_path
+
+ assert_response :success
+ assert_select '.main_page_content h1', I18n.t('helpers.edit_profile')
+
+ end
+
+ # -------------------------------------------------------------
+ test "user is able to edit their profile" do
+ sign_in @user
+
+ put user_registration_path, {user: {firstname: 'Foo', surname: 'Bar'}}
+
+ assert_response :success
+ assert_equal nil, flash[:notice]
+ assert_select '.main_page_content h1', I18n.t('helpers.edit_profile')
+ end
+
+# INVALID AUTH REROUTING CHECKS
+ # -------------------------------------------------------------
+ test "sign up form does NOT load if already logged in" do
+ sign_in @user
+ get new_user_registration_path
+
+ assert_authorized_redirect_to_plans_page
+ end
+
+ # -------------------------------------------------------------
+ test "edit profile page does NOT load if not logged in" do
+ get edit_user_registration_path
+
+
assert_unauthorized_redirect_to_root_path + end + + # ------------------------------------------------------------- + test "can NOT edit profile if not logged in" do + post user_registration_path, {user: {firstname: 'Foo', surname: 'Bar'}} + + assert_unauthorized_redirect_to_root_path + end +end \ No newline at end of file diff --git a/test/test_helper.rb b/test/test_helper.rb index cfdf66f..5b149f0 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -26,6 +26,32 @@ name.gsub(/([a-z]+)([A-Z])/, '\1_\2').gsub('-', '_').downcase end +# FUNCTIONAL/INTEGRATION TEST HELPERS + # ---------------------------------------------------------------------- + def assert_unauthorized_redirect_to_root_path + assert_response :redirect + assert_match "#{root_url}", @response.redirect_url + + follow_redirect! + assert_response :success + assert_select '.welcome-message h2', I18n.t('welcome_title') + end + + # ---------------------------------------------------------------------- + def assert_authorized_redirect_to_plans_page + assert_response :redirect + assert_match "#{root_url}", @response.redirect_url + + # Devise intermediary step prior to sending the user to the final destination + follow_redirect! + assert_response :redirect + assert_redirected_to "#{projects_url}" + + follow_redirect! + assert_response :success + assert_select '.main_page_content h1', I18n.t('helpers.project.projects_title') + end + # UNIT TEST HELPERS # ----------------------------------------------------------------------
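Review bot: The test "can NOT edit profile if not logged in" sends `post user_registration_path`, which is the sign-up route and not the `put` used by "user is able to edit their profile", so the signed-out path of `update` is never exercised. Change it to `put user_registration_path, {user: {firstname: 'Foo', surname: 'Bar'}}` and assert the response the app is meant to give; the `else` branch of `update` in this commit renders a 403, though a Devise filter may redirect first. In "sign up form loads", `assert_not '#new_user'.nil?` is always true because a string literal is never nil; `assert_select '#new_user'` would check that the form is present. `cntr` is interpolated once when the array is built, so `cntr += 1` has no effect on the e-mail address.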
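Review bot: `assert_match "#{root_url}", @response.redirect_url` in both new helpers is an unanchored substring match, and since `root_url` is presumably a prefix of every URL in the app it passes for a redirect to any page. In `assert_unauthorized_redirect_to_root_path` only the later `assert_select '.welcome-message h2'` distinguishes the landing page, so the redirect target of a rejected request is not really pinned. Compare the whole URL instead, e.g. `assert_redirected_to "#{root_url}?locale=#{I18n.locale}"` as the registration test in this commit does, if that is the expected target. The interpolation in `"#{root_url}"` and `"#{projects_url}"` is redundant; the bare helper call is enough.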